Unauthenticated LFI on TP-Link WR740N

The TP-Link WR740N suffers from a local file inclusion (LFI) vulnerability in the /help/ directory.

This is a PoC demonstrating how to exploit the vulnerability and retrieve the shadow file present on the Linux system.

Make a request like the following:


Based on the research done, it does not look like any LFI vulnerabilities were previously discovered.

TP-Link was contacted regarding this vulnerability and said that the product has reached end of life (EOL), so no mitigation will be made for the router.


